I appreciate you taking the time to express your concerns, @jkoenzuraida. Let me provide information about why you're getting emails about PCI compliance.
To start with, Intuit has a PCI service provider to help our QuickBooks Payments subscribers meet Data Security Standard (DSS) compliance requirements. If you've set up a QuickBooks Payments account to link with QuickBooks Self-Employed with SecurityMetrics, you'll have to complete its FastPass. This compliance is necessary if you purchase the PCI package from SecurityMetrics, which is why they charge a fee for the service.
In addition, you'll also need to complete Self-Assessment Questionnaires (SAQ) and set up your scans. You should also receive email instructions. If you haven't received email instructions, you can find more details about PCI compliance and your roles in this article: Learn about QuickBooks PCI Service.
To learn more about PCI data security standard compliance services, check this article:
Let me shed you some confirmation about the PCI Compliance, @kcharleskc.
Yes, PCI Compliance applies to all businesses, including non-profit merchants, that meet the security standards established by the PCI Security Standards Council.
Since the merchant will collect information from your customers when they make card payments, PCI compliance is mandatory as long as the company receives or accepts any card.
@jkoenzuraida It's totally because QB doesn't want to pay it, so they are trying to force it's customers to pay it instead. If you HAVE to be PCI compliant, use a different company, NOT the one that QB is partnered with. They are as shady and horrible as QB is.
If I only use Intuit's GoPayment on my phone, no other Intuit products. for maybe a hundred CC transactions a year, why would I need to purchase a PCI compliance package?
Even with minimal GoPayment transactions, prioritizing PCI compliance is essential for protecting your business and ensuring compliance with industry regulations. Let me share more about this data security requirement.
All businesses that handle credit or debit card transactions are required to comply with PCI DSS, regardless of transaction volume. It includes small businesses using mobile payment solutions like GoPayment. While the necessary level of compliance may vary based on transaction volume, the fundamental need for compliance remains.
To gain a comprehensive understanding of QuickBooks PCI compliance and the Payment Card Industry Data Security Standard (PCI DSS), I highly recommend exploring this informative article: Learn about the PCI DSS Compliance services.
This resource delves into the essential requirements, best practices, and tools necessary to ensure your business meets the rigorous standards set forth by the PCI Security Standards Council.
Furthermore, I’m pleased to share these valuable resources designed to help you effectively manage your payments through the QuickBooks GoPayment app. These guides will empower you to streamline your payment processes and enhance your overall customer experience:
I'm here to help with questions or concerns about QuickBooks Payment Card Industry Data Security Standard (PCI DSS) compliance. Let me know by commenting down below. I'm dedicated to ensuring that your experience is both satisfying and secure.
I've spoke with SecurityMetrics regarding this. I only run GoPayment on a single cell phone. I do not know if GoPayment stores the whole CC number and CCV info. At minimum they want me to purchase an $85 basic plan and a $10 phone scan, plus tax I would assume. Seems that no one can tell me if what GoPayment stores by default is of actual concern or not. So I feel like I'm just being fleeced for something that will actually do nothing. Kevin at SecurityMetrics recommended that if I feel that way, I should just stop taking CC as payment.
Seems like Intuit may have lots of clients just using GoPayment. Shouldn't there be a better definition of what is or is not required for just something that simple? Intuits own description of what happens when your purchase a plan is quite vague. Buy it and start a scan. Really? What exactly is being scanned and for what? I certainly don't need one more scanning utility on my phone.
As a long time customer: Quicken 1990, and then through Desktop, then Enterprise Desktop and now QB online 2024: Finding a new provider for accounting, invoicing and payments processing has found my to do list. email invoicing message failures + the PCI compliance runaround complimented by support ambivalence.
We just came to the exact same solution. It's time to commit to learn some other software product. Intuit is just a series of scams.
the audacity of suggesting that the end user can somehow influence where the software authors store data, is only surpassed by the audacity of demanding that the user should pay an annual fee for a unknown scanning software in their device to verify that Intuit didn't store credit card numbers on that device.
How do any of you Intuit employees, intentionally misleading users in this forum sleep at night? I'm curious are you lying to everyone in your life, or holding onto the illusion that you can keep your lying compartmentalized?
ITS YOUR SOFTWARE!!! YOU WROTE IT!!! ONLY YOU DECIDE WHERE DATA IS STORED!!!
PLEASE
PLEASE
PLEASE
ENLIGHTEN US HOW TO USE QUICKBOOKS ONLINE OR GO PAYMENT TO STORE CREDIT CARD NUMBERS ON OUR DEVICES!!! THAT'S WHAT YOU ARE ACCUSING US OF DOING!!! PROVE THAT THERE IS EVEN A METHOD TO DO IT FIRST!!!
I NEVER handle payments and understand that a previous explanation purported that even if ONLY names and invoice dates are accessible via my portal, that I need to be PCI compliant. WHY? I have NO access to any payment information WHATSOEVER. This seems like a scam to me, as merchants who have NO data to "comply" with or risk breech with and mandate $85 for something that Quickbooks handles in their own security measures. What happens if I don't "comply"?
BTW, I'm expecting some pat answer from QB that says we need to do it anyway and wondering if anyone has found a loophole or a less expensive route.
I NEVER handle payments and understand that a previous explanation purported that even if ONLY names and invoice dates are accessible via my portal, that I need to be PCI compliant. WHY? I have NO access to any payment information WHATSOEVER. This seems like a scam to me, as merchants who have NO data to "comply" with or risk breech with and mandate $85 for something that Quickbooks handles in their own security measures. What happens if I don't "comply"?
BTW, I'm expecting some pat answer from QB that says we need to do it anyway and wondering if anyone has found a loophole or a less expensive route.
Need QuickBooks guidance?
Log in to access expert advice and community support instantly.